Stop automatic e-mail forwarding in Exchange Online
Here's the scenario: A user's O365 account was successfully Phished. The attacked logged in to Outlook online, rifled around the user's mailbox and then decided to implement an auto-forward rule to send any newly received messages to some external e-mail address. You dutifully killed the auto-forwarding rule as part of the account remediation. But you ask yourself: why permit auto-forwarding to external e-mail addresses in the first place? (in point of fact, a lot of organizations ban this practice in policy, citing that storing organizational information on systems outside of their reach is a good way to lose control of their intellectual property). If you seek advice on banning the automated forwarding of e-mail to external addresses, you'll likely be told to setup an Exchange Transport Rule. Here's an example: https://support.office.com/en-us/article/stop-auto-forwarding-emails-in-microsoft-365-f9d693ba-5c78-47c0-b156-8e461e062aa7 That was easy? Not so fa